Applicable in PathCheck-class directives and Service-class directives.
The deny-service function sends a “Proxy Denies Access” error when a client tries to access a specific path. If this directive appears in a client region, the directive performs access control on the specified clients.
The proxy specifically denies clients instead of specifically allowing them access to documents. The default object is used when a client doesn’t match any client region in objects. Because the default object uses the deny-service function, no one is allowed access by default.
PathCheck fn=deny-service path=.*someexpression.*
The following table describes the parameter for the deny-service function.
Table 5–51 deny-service parameters
Parameter |
Description |
---|---|
path |
A regular expression representing the path to check. Not specifying this parameter is equivalent to specifying *. URLs matching the expression are denied access to the proxy server. |
Example
<Object ppath="http://sun/.*"> # Deny servicing proxy requests for fun GIFs PathCheck fn=deny-service path=.*fun.*.gif # Make sure nobody except Sun employees can use the object # inside which this is placed. <Client dns=*~.*.sun.com> PathCheck fn=deny-service </Client> </Object> |